Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
Anonymous
Not applicable

Sharing dashboard subsequently shares developer's SQL credentials

I am trying to determine if sharing a dashboard to an internal user via power bi service automatically shares the dashboard developer's database credentials. I work for a company that has a few government contracts and therefore is required to follow NIST regulations. I recently created a dashboard and was told by a member of our IT department that I could not share it to another user because they thought that power bi had the security flaw where whoever I shared it with would recieve my SQL credentials. I researched this, but have not been able to find anything referencing this supposed security flaw, except for one post from 2015 (below) that mentioned this security issue if you use the SSAS connector, which I didn't because I imported the data and setup a gateway to refresh. (https://community.powerbi.com/t5/Integrations-with-Files-and/Sharing-dashboards-security-issue/td-p/...)

 

Does anyone know if this is an actual security issue, and if so whether it has been fixed or any possible ways to work around it?

 

Thanks for the help!!

4 REPLIES 4
Anonymous
Not applicable

I am trying to determine if sharing a dashboard to an internal user via power bi service automatically shares the dashboard developer's database credentials. I work for a company that has a few government contracts and therefore is required to follow NIST regulations. I recently created a dashboard and was told by a member of our IT department that I could not share it to another user because they thought that power bi had the security flaw where whoever I shared it with would recieve my SQL credentials. I researched this, but have not been able to find anything referencing this supposed security flaw, except for one post from 2015 (below) that mentioned this security issue if you use the SSAS connector, which I didn't because I imported the data and setup a gateway to refresh. (https://community.powerbi.com/t5/Integrations-with-Files-and/Sharing-dashboards-security-issue/td-p/...)

 

Does anyone know if this is an actual security issue, and if so whether it has been fixed or any possible ways to work around it?

 

Thanks for the help!!

Anonymous
Not applicable

Hi @Anonymous,

 

If you are using SSAS and RLS as your data source then the appropriate RLS should be applied for each using access the dashboard.

 

However, if you are using another type of datasource in your dashboard the data will be refresh according to the data set roles are setup in the Power BI file. Therefere, a SQL database will show data per the user account used on the setup of the report. The work around is to setup RLS inside the data model in Power BI.

 

Hope this makes sense. See the details below:

 

Power BI RLS: https://docs.microsoft.com/en-us/power-bi/service-admin-rls

SSAS RLS: https://docs.microsoft.com/en-us/power-bi/desktop-tutorial-row-level-security-onprem-ssas-tabular

 

 

Anonymous
Not applicable

Okay thanks for the help. I have applied RLS and am not using SSAS.. I can't find any security issues with the Power BI file but am up against an IT department that is not much help because they have their own BI solution that they want to implement... sigh..

 

 

Hi there when you share a dashboard or report it is in read-only mode. Which means that the user with whom it is shared cannot gain access to anything besides what is shown on screen. This includes the SQL Connection in which if you are using SQL Authentication, the password is encrypted and even the connection to the particular SQL Server.

I have not had any issues or questions around the security when sharing a Power BI Dashboard, report or App




Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Helpful resources

Announcements
Sept PBI Carousel

Power BI Monthly Update - September 2024

Check out the September 2024 Power BI update to learn about new features.

September Hackathon Carousel

Microsoft Fabric & AI Learning Hackathon

Learn from experts, get hands-on experience, and win awesome prizes.

Sept NL Carousel

Fabric Community Update - September 2024

Find out what's new and trending in the Fabric Community.

Top Solution Authors